India Telecom Newshttp://indiatelecomnews.com
News and Information on Telecom and wireless in IndiaMon, 05 Mar 2018 10:41:53 +0000en-UShourly1https://wordpress.org/?v=4.9.45G in India: Government Harmonising Spectrum, Says Telecom Secretaryhttp://indiatelecomnews.com/5g-in-india-government-harmonising-spectrum-says-telecom-secretary/?utm_source=rss&utm_medium=rss&utm_campaign=5g-in-india-government-harmonising-spectrum-says-telecom-secretary
Mon, 05 Mar 2018 10:41:53 +0000http://indiatelecomnews.com/?p=1654
The government has started tuning spectrum for 5G services as part of its roadmap to become early adopter of the next generation services, which is expected to provide download speed over 1000Mbps on mobile devices. “On spectrum we are already more or less aligned with global position in 5G. Those bands we are harmonising in line with global community,” Telecom secretary Aruna Sundararajan told PTI in an interview.
At present 4G services are provided in spectrum band below 2600Mhz. With increase in frequency band count, the signal coverage area reduces, but as per technology trend, speed of transmitting data has been increasing. (Source: PTI)
]]>India’s telecom industry: Survival of the fittesthttp://indiatelecomnews.com/indias-telecom-industry-survival-of-the-fittest/?utm_source=rss&utm_medium=rss&utm_campaign=indias-telecom-industry-survival-of-the-fittest
Mon, 05 Mar 2018 10:39:42 +0000http://indiatelecomnews.com/?p=1651
With Aircel filing for bankruptcy on Wednesday, the last of the small telecom companies is out of the way. It leaves the behemoths—Bharti Airtel, Vodafone-Idea and Reliance Jio—to slug it out. Late last year, telecom secretary Aruna Sundararajan said 2017 had been a year of consolidation for the sector, while 2018 would be a year of growth. She was certainly right with regard to the former; the disruption caused by Reliance Jio’s entry has led to a wave of telecom mergers. But there are several caveats when it comes to the latter. Source
]]>We Must Secure the Internet of Things Before Someone Gets Hurthttp://indiatelecomnews.com/we-must-secure-the-internet-of-things-before-someone-gets-hurt/?utm_source=rss&utm_medium=rss&utm_campaign=we-must-secure-the-internet-of-things-before-someone-gets-hurt
Mon, 05 Mar 2018 10:23:00 +0000http://indiatelecomnews.com/?p=1647
Dick Cheney, the former vice president of the United States, famously disabled wireless access to his heart pacemaker because he was afraid that terrorists could induce a heart attack. In the 2007 movie “Live Free or Die Hard,” criminals blocked traffic and caused accidents by turning all of Washington, D.C.’s traffic signals to green.

Those real-life and fictional attacks on what we now call the Internet of Things (IoT) had the potential to cause loss of life. Considering all the IoT sensors and controls being used around the world today, it’s only a matter of time before weak security allows bad actors to seize control, enable dangerous behaviors, or trick human operators into performing the wrong action.

It’s only a matter of time. We must secure the Internet of Things before someone gets hurt. But how?

There are many challenges in that areas. For example, identity management. Are you ever exactly sure about which users, devices, or applications are trying to access your data? How can you prove identity within a reasonable doubt, but keep improving confidence that you’ve trusted the right users, and not, say, a terrorist? That means behavioral monitoring, in real time.

Take the challenge of protecting critical information, which may be regulated by laws or industries – or simply extremely valuable to corporations and to thieves. That data may affect lives immediately (like a medical device) or later (like blueprints to a hydroelectric dam’s security systems). How can you be sure that data and those devices are well protected from tampering or illicit access?

Or the networking connections themselves, which link mobile or fixed-line devices back to the data center or the cloud. Are the connections secure? Can hackers gain access by subverting an end-point… and have those connections been tested to be robust, scalable, and impenetrable? Let’s find out how.

Spot the Attack. Stop the Attack

The challenge in achieving a “secure” network, including the IoT sector, is that “security” is a negative goal, says Robert Haim, Principal Analyst at ACG Research, who focuses on the networking and telecommunications industries. “You’re trying to achieve something despite whatever adversaries might do and you don’t know what the capabilities of the adversaries are,” he explains. Since many IoT endpoint devices don’t have enough memory to include sophisticated security software in them. “So what are we going to do?”

There are actually two problems that must be solved, Haim says: “We have to worry about the security of the device itself, and then we also have to think about what we need to do if we get hacked.” It doesn’t help that 55% of companies don’t even know where the threat is coming from, and where the problem is in their network.

Look at Actions, Not Only Identity Mark McGovern, Group Leader of Threat Analytics, CA Technologies, says that there’s a huge need to watch what people are doing, once given access to a system. What they do is more important than who they are. “Whether it’s an existing system that’s doing real-time authorization of 100 million users for a financial institution, or large cable companies, the way that we think about it is not about who you claim to be or the credentials you have, it’s what you do.”

He explains, “When you meet someone on the street, they may say they are X or they do Y, but reality is, what do you observe them doing over time? That’s the level of trust that you afford to people.”

CA studies and analyzes the actual behavior of the entities authorized to use a system, and flags the things that are inconsistent with the past behaviors of those entities. “Whether that’s an IP address, an endpoint, a login, or a claimed identity, what are the things that are standing out, both against their own behavior, and then the behavior of the population,” McGovern says. “This data reinforces the learning that our systems are doing and the machine learning that we embed in those systems, and also provides value to our customers.”

Start with Threat Modeling

“Take any device, like an IoT door lock,” says John Michelsen, Chief Product Officer, Zimperium, which makes AI-based mobile threat defense software. “You’ve got to identify at a device level, network level, or application content level, what are the ways that this device could be exploited.” And then you have to block them before you go to market. It’s a real problem, Michelsen says. “At 2017’s Black Hat, someone proved that 13 of the 15 automated door knobs could be opened within just a few hours of work. At least 70% per cent of IoT consumer IT devices are hackable.”

That’s why you need threat modeling, he says: “First, you do threat modeling. You then identify ways that you’re going to prevent – detect that and go about building a solution around it.”

Everyone Must Look Outside

Every company has internal security resources for testing software, infrastructure, products, and services, but that’s not enough, says Roark Pollock, Senior Vice-President, Ziften, which offers endpoint security solutions. “You have to look outside. Look at your partners and be open to them testing your product. They may require you to go through a

Don’t trust yourself, he insists. Get external experts to double-check your engineers, double-check your code. “Then look to the community and open source projects to again ensure that there is a community of people that are double-checking, re-checking, pushing on that code.”

Pollock isn’t impressed by any company that assumes that it can do it all themselves in regard to security. “I think it’s critical to get outside help.”

Use Artificial Intelligence to Police Identity Hank Skorny, Senior Vice-President, Neustar, an identity-management company, says that it begins with determining the identity of users (or devices or applications) that are accessing IoT devices or their data. But it doesn’t stop there. “You have to establish identity. You also have to always call that into doubt, because identity is only a probability, never truly definitive.”

How do you improve confidence in that probability? “Employ machine learning and artificial intelligence,” he says, while constantly looking at monitoring whatever system that you’ve been building.

“You’re not simply going to identify somebody or determine a device or whatever. You’re going to police it. The only way you can police a nanosecond-scale world is by using computational machine learning and artificial intelligence, the constantly looking for those patterns of evil behavior — stopping it faster than a human ever could.

Prove Trust Across Multiple Domains

Some data is protected by law – think about military secrets or the personally identifiable information about health, covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) in the United States. There’s other information, though, that’s extremely sensitive, even if not covered by specific regulations. Consider data about the performance of professional athletes: It’s not HIPPA health information, but it’s crucial intelligence for billion-dollar sports teams. Zebra Sports is a business that collects practice-time and game-day telemetry on American football players, explains John Pollard, the company’s vice president, and the company had to work hard to score goals with the National Football League (NFL).

“One of the criteria that the NFL went through in evaluating various technologies was certainly security,” he says. “We collect a lot of information, and have to transfer that information into software and services so that our clients in the primary verticals can evaluate that information. The NFL certainly embodies that as well. Because we’re capturing information that has never been captured before for a professional sport, we’re talking about acceleration, deceleration, change of direction, proximity over an aggregate amount of time.”

Helping Zebra score points: Its rich experience in IoT in retail, transportation, logistics, manufacturing, and healthcare. “Our heritage working with those industries certainly helped us build a valid case to be a partner with the NFL in capturing that type of information,” says Pollard.

The security lesson here, says Pollard is that just because it’s sports doesn’t mean that it’s vital. The same principals apply to, say, military or commercial IoT as to the NFL. Telemetry for a football player is no different than telemetry for a security guard, or even a missile. The first parameter is to make it secure.

Create Trust Zones — And Enforce Them

Not all users are created equally, and not all users require the same information from an IoT device. Hospital IT staff needs to verify that data from a dialysis pump is being captured by the correct application and stored in the correct patient’s records… but they do not need to see the data, and in fact, HIPAA may forbid their access. Similarly, the IT staff need to verify that the doorway into a secured part of a building works properly, but again, they may not be authorized to open the door themselves.

“If you look at the number of people who interact with that door lock, the roles, the responsibilities, that’s where the trust zones keep building up,” says Sanjeev Datla, Chief Technology Officer, Lantronix, which builds industrial IoT technology. “What are the different levels of access for the door administrator? For the nurse as he or she interacts with the dialysis machines?”

And what about the field service technician who comes to accesses or service the machine? “Know the roles and responsibilities about what to permit, and what not to permit,” he says.

Datla insists that it’s not simple. “You have an infusion pump with an Ethernet port. What are the rings of trust, or access controls, if you will, around that port? And how is it tested?” As CA’s Mark McGovern said above, this must be more sophisticated than simple access control lists.

“We look for behavioral analysis,” says Datla, “Okay, this person is not supposed to do this at this time. So when they do that, what do you do about it? How do you raise an alert, and get approval or a block from a higher level?”

Never Forget: Everything Is Connected

“IoT devices are getting smarter and smarter,” says Ziften’s Pollock. “We’re not talking about dumb micro-controllers for control units that are air-gapped any more. We’re talking about smart sensors in the network. We’re talking about smart gateways. ”

What’s more, he points out, “Many IoT devices are fully functioning PCs for all practical purposes, yet we don’t treat those devices the way we treat regular PCs on our enterprise networks. Look, if you’re going to have all these connected devices, you’ve got to be able to monitor both the state of that device and the hygiene of that device. It must be hardened on your environment.”

Echoing previous comments, Pollock insists that companies must monitor IoT devices for behavior, not only access control. “Look for outliers from a behavior standpoint and start to identify what’s happening with that device and what it’s doing. Focus in on those outliers with the long tail of the curve on what’s happening. Identify devices that are doing something that’s out of the ordinary, and look at those and investigate those as potential issues.”

Because, after all, with IoT devices and IoT applications vulnerable to attack, lives will be at stake.

]]>Telecom regulator wants India to be among top 50 nations in ICT Indexhttp://indiatelecomnews.com/telecom-regulator-wants-india-to-be-among-top-50-nations-in-ict-index/?utm_source=rss&utm_medium=rss&utm_campaign=telecom-regulator-wants-india-to-be-among-top-50-nations-in-ict-index
Tue, 06 Feb 2018 10:10:45 +0000http://indiatelecomnews.com/?p=1643The telecom regulator’s formula to propel India to be among the top 50 nations in the global ICT Index would require massive coordination between various government departments if it has to become a reality. The country would need an investment of $100 billion by 2022 to achieve this target at a time when almost all the telecom operators are under massive financial stress.
TRAI has also set a target to ensure availability of bandwidth on demand through wireline, including cable TV and optical fibre networks to 30 per cent households by 2020 and 50 per cent households by 2022. It has said that at least 1 Gbps data connectivity to all gram panchayats to enable wireless broadband services to inhabitants by 2022 and achieve 900 million broadband subscriptions supporting download speed of 2 Mbps, out of that at least 150 million broadband subscriptions supporting download speed of 20 Mbps and 25 million at a download speed of 50 Mbps by 2022. (Source)
]]>Telecom sector can attract $100 billion investment under NTP 2018http://indiatelecomnews.com/telecom-sector-can-attract-100-billion-investment-under-ntp-2018/?utm_source=rss&utm_medium=rss&utm_campaign=telecom-sector-can-attract-100-billion-investment-under-ntp-2018
Tue, 06 Feb 2018 10:09:13 +0000http://indiatelecomnews.com/?p=1640The telecom sector should be able to address global requirements and attract investments of about USD 100 billion by 2022 under the new policy in works, as per suggestions made by sector regulator Trai.
The regulator recommended that under the new policy framework, the telecom sector should be able to generate 20 lakh jobs, achieve 900 million broadband subscriptions with download speed of 2 Mbps and connect all gram panchayats with at least 1 gigabit per second with wireless broadband by 2022. Telecom Regulatory Authority of India (Trai) reiterated its long pending demand of putting in place an ombudsman based consumer grievance redressal mechanism “by end of 2018”. (Source)
]]>India doubles Digital India allocationhttp://indiatelecomnews.com/india-doubles-digital-india-allocation/?utm_source=rss&utm_medium=rss&utm_campaign=india-doubles-digital-india-allocation
Tue, 06 Feb 2018 10:06:58 +0000http://indiatelecomnews.com/?p=1636The Government has doubled the allocation for Digital India programme to INR 30.73 billion in 2018-19 and will launch a mission to support establishment of Centres of Excellence. “Combining cyber and physical systems have great potential to transform not only innovation ecosystem but also our economies and the way we live,” Finance Minister Arun Jaitley said in his Budget speech.
To invest in research, training and skilling in robotics, artificial intelligence, digital manufacturing, big data analysis, quantum communication and internet of things, Department of Science and Technology will launch a Mission on Cyber Physical Systems to support establishment of CoEs, he added. (Source)
]]>Telecom sector leads M&A activity in India with six dealshttp://indiatelecomnews.com/telecom-sector-leads-ma-activity-in-india-with-six-deals/?utm_source=rss&utm_medium=rss&utm_campaign=telecom-sector-leads-ma-activity-in-india-with-six-deals
Tue, 06 Feb 2018 10:03:38 +0000http://indiatelecomnews.com/?p=1633Corporate India’s deal tally, including M&As as well as private equity, amounted to USD 60.5 billion driven by big ticket consolidation and the outlook for remains bullish for this year, says a report. According to assurance, tax and advisory firm Grant Thornton, there were 1,147 deals (M&A and PE) worth USD 60.54 billion last year.

]]>India success propels Chinese smartphones to top 5 global listhttp://indiatelecomnews.com/india-success-propels-chinese-smartphones-to-top-5-global-list/?utm_source=rss&utm_medium=rss&utm_campaign=india-success-propels-chinese-smartphones-to-top-5-global-list
Tue, 06 Feb 2018 10:01:45 +0000http://indiatelecomnews.com/?p=1630
Fired by big success in the Indian market, three Chinese smartphone brands — Huawei, OPPO and Xiaomi — emerged among top five global brands next to Samsung and Apple. The Chinese smartphone manufacturers wrapped up 2017 on a strong note, capturing three of the top spots on International Data Corp’s (IDC) Top Five Smartphone Company list and substantially outpacing dominant global players in shipment growth, official media here reported.
The fast growth of shipments by Huawei Technologies Co, OPPO Electronics Corp and Xiaomi Inc in 2017, when the total global smartphone market saw declines in shipments, can be attributed to the companies’ overseas expansion in countries such as India as well as improvements in the quality and technology levels of their handsets, two Chinese experts said. (Source)
]]>What is Application Specific Networking (ASN)?http://indiatelecomnews.com/what-is-application-specific-networking-asn/?utm_source=rss&utm_medium=rss&utm_campaign=what-is-application-specific-networking-asn
Tue, 06 Feb 2018 09:36:24 +0000http://indiatelecomnews.com/?p=1623You cannot simply release any app onto any network and expect it to work first time – the network performance and QoS need to match the apps’ requirements. Software Defined Networking (SDN) allows a network to be programmed, and ASN can build that programming into the app itself – claimed NetFoundry Founder, Galeal Zino

I was impressed with NetFoundry and their new Application Specific Networking (ASN) technology. To combine some current network notions, I believe NetFoundry has invented and is delivering “instant, intent-based software defined networks”—allowing users or programs to tell NetFoundry what network characteristics they need for a particular application, and NetFoundry spins up that virtually private network. Let me explain using many of Galeal Zino’s own words.

Netfoundry founder, Galeal Zino, in his keynote interview at NetEvents 2017 Global press & Analyst Summit, spoke about “Swiss army knife type networks”. To quote him: “While a general purpose Swiss army knife type network is great — it worked fine for the client server era, it worked fine when there’s a center of gravity for applications and people and private data centers. In this new digitally transformed world, we believe you actually need application-specific networks that are literally specific to, and controlled by the context of the application.”

I think we all recognize a Swiss army knife as a general purpose tool that readily adapts to specific applications: pull out a blade and it’s a knife; pull out the scissors and it cuts paper; pull out the file, the saw, the toothpick, the magnifying glass… and so on. And yet this was exactly the sort of adaptability that NetFoundry is promoting for today’s software-defined networks.

And Galeal and NetFoundry are taking this concept a full step further.

Application Specific Networking (ASN)

I asked Galeal what he meant by Application Specific Networking, and Galeal explained: “each application is literally allocated its own virtual network, purpose built for the needs of that application. Every application is different, and we construct the network accordingly. Those needs are typically security, or compliance, or performance, or reliability.”

Constructing a network for each and every application sounds extremely cumbersome, until he explained this in software-defined terms: “You go to a web console or you use our APIs in your answerable scripts, and in minutes you can spin up a global, secure application specific network. It’s a similar experience to the AWS console or Azure console where you spun up virtual machines in the cloud. In our case we enable you to spin up global networks and we’re unique in that aspect.”

This turned out to be something of an understatement, when Galeal explained further: “We are providing network platform as a service (NPaaS), and that service has the hooks and the controls and the APIs so that your applications can actually control each one of those networks. Meanwhile, you don’t need to operate those networks or own those networks; we take care of the plumbing underneath.” Comparing again with Azure and AWS he added: “I can spin-up and compute in their clouds, I don’t know how Amazon is allocating their compute blocks to your VM as opposed to my VM, but it just magically works.” And in the ASN case, “you are abstracted from the underlying complexity, yet have the ability to have your application get the reliability, performance velocity that it needs.”

The exciting part for me was the fact that the application itself can do this: in the single act of opening an application you are at the same time opening up a virtual network specifically tailored to the needs and limitations of that application—an instant, intent-based software defined, private virtual network. To ground these principles in reality, we need a simple real life example.

ASN in the Real World

Integron – an IoT (Internet of Things) Managed Services company serving connected health, energy, and transportation industries – manages wireless connectivity, security, provisioning, device management and support for some million IoT devices worldwide. They have partnered with NetFoundry to provide very secure, high-performance private network solutions – including those designed specifically for healthcare information technology.

Galeal explained how, for example, a clinical drug trial typically begins in a laboratory or hospital, but then needs to continue in an everyday home environment. The patients are provided with an Android tablet running an Integron app that receives data about the time and consumption of their medication, plus other data such as times of eating, sleeping, etc. Such sensitive personal data must be transmitted securely, and, as clinical data, it must also be utterly reliable lest the trial be compromised. As field data, however, it is transmitted by whatever Internet connection happens to be available at the time. As Galeal explained: “Integron took our SIM toolkit, our software, and integrated it with their app. So we provided them the ability – regardless of that last mile network – to securely and reliably transmit data to the folks who needed it”. The Integron App not only collects the data, it also digs a reliable, secure tunnel via NetFoundry across the Internet to transmit it safely to the administrators.

That example shows how ASN can be useful for the very wide array of network needs in various IoT environments, from infrequent, low bandwidth agriculture (corn fields, vineyards) to always on, low latency connected car. Galeal gave the example of an IoT device where the policy does not permit it to operate outside a specified geographical zone. So, if the IoT device were stolen, the app could trigger a network kill switch, or potentially divert the network traffic to a security honeypot where administrators could monitor what is happening. Galeal says “think about it from the perspective of the network engineer, the application developer, and devops, working together for that degree of automation, and essentially self-healing resiliency – a common challenge for both intent-based networking and application specific networking.”

Another example he suggested was a just-in-time manufacturing operation: “somehow, across those multiple networks and clouds, multiple suppliers, multiple production lines or assembly lines, we’re going to securely exchange data in real time for Just-in-Time manufacturing. In other words the data had better be accurate, better get there in time, and it certainly can’t be compromised from a security perspective.”

He was in no doubt about the wider significance of this technology either: “The overall need for networking has never been higher and the growth is exponential, tens of billions of IoT devices, applications that are no longer monolithic but composed of multi-cloud micro services and APIs, mobility, SaaS. All of a sudden the need for a network to connect distributed compute has never been higher. We are entirely focused on connecting application to application – while legacy networks connect node-to-node, site-to-site. Together we can meet the needs of that digital transformation journey.”

SD-WAN today

I asked him: “these examples make a lot of sense, but the hi-tech arena is full of bright ideas that fail to catch on. So what about the uptake of ASN?”

“We’re incredibly excited by the customers that are already using our platform — they are now innovating in ways that we hadn’t even thought of. When you arm developers and engineers with a new tool or a new set of capabilities, they use those tools and capabilities to innovate. For example, we have customers who are using our technology in multi-cloud applications, in IoT applications, to build business-to-business extranets where it’s a wide variety of use cases, very innovative type application and integrations, all based on one common platform, an easy to use platform. The world is moving so quickly and has to be incredibly simple to use yet powerful. The infrastructure as a service folks – AWS, Azure or Google Cloud – we’re copying what they did. It’s very easy and simple to spin up a virtual machine in the cloud, you equally need to be able to spin up a global network to meet the needs of your application.”

Reflecting on the level of agility and flexibility increasingly demanded by today’s business, he described the legacy static network as a real handicap to that development: “we put the application in control, we give the engineers

and developers the ability to actually control the network without owning the network. Now we have the capability to support the application explosion over our networks.”

After Galeal’s keynote and my interview with him, I was thinking that the Swiss army knife metaphor was a bit klunky and not sophisticated enough for ASN, but it served its purpose. I came away convinced about the significance and potential of Application Specific Networking.